Agent-driven traffic is API activity generated by software that can initiate follow-on calls without human intervention. It is more difficult to govern than ordinary automation because a single approved action can expand into multiple requests, retries, or recursive workflows.
Expanded Definition
Agent-driven traffic describes API calls initiated by software agents that can continue execution without human approval at each step. In NHI governance, the key distinction is not simply automation, but delegated action with the ability to branch, retry, query, and chain requests based on environment state. That creates a larger operational blast radius than a single scheduled job or scripted integration.
Definitions vary across vendors because some teams label any machine-to-machine API use as agent-driven, while others reserve the term for systems with reasoning, tool use, or recursive workflows. NHI Management Group treats the term as a behavioural pattern: traffic becomes agent-driven when one authorised action can trigger follow-on actions that inherit the original identity, scope, or token context. This is why controls discussed in the OWASP Agentic AI Top 10 and the NIST AI Risk Management Framework matter for identity governance, not just model safety.
The most common misapplication is treating agent-driven traffic as ordinary application telemetry, which occurs when teams ignore the difference between a single API request and a self-directed sequence of requests generated from the same credential.
Examples and Use Cases
Implementing governance for agent-driven traffic rigorously often introduces more request tracing, token scoping, and policy checks, requiring organisations to weigh operational agility against tighter control of emergent call chains.
- A customer-support agent opens a ticket, then autonomously checks billing, updates the CRM, and sends a refund request without human review between steps.
- A code assistant uses a service account to inspect repositories, trigger tests, and create follow-on pull requests after a single approved prompt.
- An SRE bot detects a failed deployment, retries an API call, scales infrastructure, and posts status updates through the same delegated identity.
- A supply-chain workflow fetches secrets, calls a partner API, and recursively enriches records after receiving partial results, creating a broader attack path if the credential is abused.
These patterns are discussed in NHIMG research such as OWASP NHI Top 10 and the Analysis of Claude Code Security, where follow-on execution and delegated tooling create governance challenges that differ from static automation. The pattern is also visible in the NIST AI Risk Management Framework and the MITRE ATLAS adversarial AI threat matrix when agents are able to amplify one action into many.
Why It Matters in NHI Security
Agent-driven traffic matters because it can hide privilege escalation inside normal-looking API volume. A single credential may appear legitimate at first use, yet the agent can expand that permission into retries, discovery calls, writes, or cross-system actions that were never intended at approval time. That is why organisations need lineage, rate controls, step-level authorisation, and tight secret handling rather than broad trust in the initiating identity.
NHIMG data shows that 80% of identity breaches involved compromised non-human identities such as service accounts and API keys, and 97% of NHIs carry excessive privileges, which makes agent-driven traffic especially dangerous when delegation is broad or poorly bounded. The same risk shows up when defenders find that the actor was not a human session at all, but a chain of machine-issued requests driven by one overpowered credential. The NHIMG Ultimate Guide to NHIs — 2025 Outlook and Predictions also notes that 90% of IT leaders see proper NHI management as essential to zero trust, underscoring how agent traffic belongs in identity governance, not just application monitoring.
Organisations typically encounter the consequence only after an outage, abuse spike, or unauthorized data pull reveals that one approved agent action had silently become many, at which point agent-driven traffic becomes operationally unavoidable to address.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 and OWASP Agentic AI Top 10 address the attack and risk surface, while NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-02 | Agent-driven traffic often reveals secret misuse and token sprawl across chained calls. |
| OWASP Agentic AI Top 10 | A1 | Agentic systems can expand one action into many tool calls and requests. |
| NIST AI RMF | AI RMF addresses governance of AI-enabled actions, including autonomous call sequences. |
Assess agent autonomy, monitor emergent behaviors, and assign accountable controls.
